Research carried out by Google in association with the University of California, Berkeley has established that there are 1.9 billion usernames and passwords being traded on the black market. What’s more, as many of 25 percent of these stolen credentials could actually be used to access a legitimate Google account.
The report used Google’s proprietary data to investigate whether or not the pilfered passwords would unlock the door to working accounts, according to Business Insider. Unfortunately, it confirmed that this is definitely the case, reaffirming the importance of proper online security.
“Through a combination of password re-use across thousands of online services and targeted collection,” reads the study. “We estimated seven to 25 percent of stolen passwords in our dataset would enable an attacker to log in to a victim’s Google account and thus take over their online identity due to transitive trust.”
This is the danger of using the same password across multiple sites and services — if it’s exposed in one data breach, attackers might be able to combine it with known usernames or email accounts to access various different accounts.
We’ve seen plenty of breaches that left user passwords out in the open in recent years. In 2012, millions of encrypted LinkedIn passwords were leaked to the web, while we’re only just starting to understand the scope of an attack on Yahoo that took place in 2013 — in October, reports circulated that some 3 billion accounts were affected.
The researchers offer up a few different methods that people can use to protect their accounts from unauthorized access. For example, they might use a password manager that creates bespoke entry key for each individual site or service they visit, without them having to remember each one for themselves.
It’s also considered a best practice to employ two-factor authentication, especially for important accounts. This means that anyone gaining access from a new device also needs to provide a code that is typically sent to a smartphone, or an approved email account.
Of course, choosing a secure password is a good start. The top three passwords from plaintext leaks analyzed in this study were ‘123456,’ ‘password,’ and ‘123456789,’ none of which are particularly strong.
Related Posts
This extraordinary humanoid robot plays basketball like a pro, really
Digital Trends has already reported on the G1’s ability to move in a way that would make even the world’s top gymnasts envious, with various videos showing it engaged in combat, recovering from falls, and even doing the housework.
How to Use Pollo AI Video Generator: A Step-by-Step Guide
Here we’re talking about the Pollo AI video generator which can be used with a variety of prompts, and I’ll talk you through using each one.
This 49-inch curved Samsung ultrawide is down to $799.99 and basically replaces two monitors at once
You’re getting a massive 49-inch curved Dual QHD panel, 120Hz refresh rate, USB-C, HDR400, and an adjustable stand that’s built for serious productivity but still fast and smooth enough for after-hours gaming.